If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

ideas for security threats to an online application

Ok.

For my dissertation, part of it is about finding possible threats to online gambling, relating to how a player can get some assurance that they are not gonna get cheated online. - either by a player, or host, intentionally or unintenionally.

A few obvious things I have:

-players could collude
-house could be corrupt
-software player installs could be buggy
-phishing (fake emails) could be sent asking players to install 'updates' which could be a trojan, telling players what cards they have
-players could use statistical software to aid them
-servers may crash
-may be problems with shuffle algorithm

and there may be a few more. Could people just give thier 2 cents, either by going into specifics on technical aspects (ie the ways in which the server could be attacked (ie by sniffing etc) OR and even better, suggest some new threats to online gambling, and if possible a possible solution to it?

Could people just give thier 2 cents, either by going into specifics on technical aspects (ie the ways in which the server could be attacked (ie by sniffing etc) OR and even better, suggest some new threats to online gambling, and if possible a possible solution to it?

(translated) "I'm trying to sound like I need help, but I'd prefer if you would just write my dissertation for me".

Sounds like you have a good start-you can finish on your own. Your best work is YOUR best work.

translated) "I'm trying to sound like I need help, but I'd prefer if you would just write my dissertation for me".

Sounds like you have a good start-you can finish on your own. Your best work is YOUR best work.

lol. I dont know who annoyed you today, but that is not what I am saying at all.

I have 20,000 words to write, and trying to get a few ideas that I might not have thought of certainly in my book is not against any rules. I have enough ideas to fill out the 20,000 words, as the other half of the project is on legal and regfulatory issues. Security is something which I am not too familiar with so was asking for some ideas...thats all.

andrewsco, good points so far, I think you've managed to nail most of them. In a tournament or 'for money' game situation, one player may resort to out-of-band (at least considering the poker applet/program being used) attacks to knock out or DoS opponents. If you are winning, and the game has no "All In Protection", you could DoS someone off their ISP connection if you knew their IP, just so they'd loose their money to the pot, increasing your odd's and potential winnings.

/me hasn't been playing online poker AT ALL lately...
Well, I play a LOT...but never for real money. I save that for when I can drink beer and play against so-called-friends and look them in the eye.

"Data is not necessarily information. Information does not necessarily lead to knowledge. And knowledge is not always sufficient to discover truth and breed wisdom." --SpafAnyone who is capable of getting themselves made president should on no account be allowed to do the job. --Douglas Adams (1952-2001)
"...people find it far easier to forgive others for being wrong than being right." - Albus Percival Wulfric Brian Dumbledore